hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-16 16:04:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
49,367 Commits 1,679 Branches 158 Tags
codeql-cli/v2.12.1
Commit Graph

49367 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoffrey White
37cdef7ab1 Swift: add basic Alamofire taint source model. 2022-11-25 00:14:23 +00:00
Geoffrey White
afb5dc7da3 Swift: Add test for Alamofire sources. 2022-11-25 00:08:51 +00:00
Harry Maclean
2822c94aa7 Ruby: Minor refactor of barrier guard code 2022-11-25 09:12:51 +13:00
Harry Maclean
6897fb46cb Ruby: Clean up WhenClause CFG 2022-11-25 09:12:51 +13:00
Alexander Eyers-Taylor
3c7f7511be Merge pull request #11418 from alexet/alexet/mockito-class-rename 
Java: Add new Mockito runner class location.
 2022-11-24 17:49:31 +00:00
alexet
e24e3bf13f Java: Add new Mockito runner class location. 2022-11-24 16:43:57 +00:00
erik-krogh
5f6cb1684b move the code-injection tests into a subfolder 2022-11-24 17:23:25 +01:00
Henry Mercer
df3dc6fadc Merge pull request #11414 from github/codeql-ci/atm/release-0.4.2 
JS: Bump version numbers of ML-powered packs after 0.4.2 release
 2022-11-24 16:07:28 +00:00
Alex Ford
e6446e501c Ruby: fix docs failure 2022-11-24 15:37:03 +00:00
Alex Ford
893c8763bb Ruby: model ActiveSupport json_escape flow 2022-11-24 15:33:08 +00:00
Edoardo Pirovano
9071acea01 Merge pull request #11416 from github/edoardo/mergeback-3.8 
Merge `rc/3.8` into `main`
 2022-11-24 15:05:28 +00:00
Erik Krogh Kristensen
03737543d4 Merge pull request #11403 from erik-krogh/additional 
ReDoS: add missing additional keywords
 2022-11-24 15:53:51 +01:00
Edoardo Pirovano
8eeba92a47 Merge pull request #11415 from github/edoardo/mergeback-2.11.4 
Merge `codeql-cli-2.11.4` into `rc/3.8`
 2022-11-24 14:42:36 +00:00
Henry Mercer
56e5f01ce0 Merge branch 'main' into codeql-ci/atm/release-0.4.2 2022-11-24 14:41:49 +00:00
github-actions[bot]
78d49e44b1 JS: Bump version of ML-powered library and query packs to 0.4.3 2022-11-24 14:22:14 +00:00
github-actions[bot]
8d96bfe973 JS: Bump patch version of ML-powered library and query packs 2022-11-24 14:18:13 +00:00
Nick Rolfe
50b10be2db Ruby: StackTraceExposure: add test for a specific rescue type 2022-11-24 14:08:34 +00:00
Nick Rolfe
1c407a28cd Apply suggestions from code review 
Co-authored-by: Harry Maclean <hmac@github.com>
 2022-11-24 14:02:32 +00:00
Tony Torralba
adf905d838 Merge pull request #11368 from ka1n4t/main 
Java: Add binding between annotation and sink-param in MyBatis SQL Injection query
 2022-11-24 14:34:57 +01:00
Tony Torralba
1d57663343 Merge pull request #11345 from atorralba/atorralba/swift/data-models 
Swift: Add taint models for the Data class
 2022-11-24 14:23:41 +01:00
Geoffrey White
32442a33de Merge pull request #11270 from geoffw0/optionals2 
Swift: Dataflow through ?? and ? :
 2022-11-24 13:20:54 +00:00
Ian Lynagh
184c903ec7 Merge pull request #11401 from igfoo/igfoo/unused 
Kotlin: Remove an unused argument
 2022-11-24 12:47:50 +00:00
Ian Lynagh
501ea31c25 Merge pull request #11404 from igfoo/igfoo/build_refactor 
Kotlin build system: Refactor jar-finder
 2022-11-24 12:47:34 +00:00
Anders Schack-Mulligen
f2897f5bfc Merge pull request #11392 from aschackmull/java/adjust-mad-dispatch-priority 
Java: Adjust the prioritisation between MaD and source dispatch.
 2022-11-24 13:10:48 +01:00
Tony Torralba
e4e5291511 Fix more test expectations after rebase 2022-11-24 13:03:12 +01:00
Erik Krogh Kristensen
6464135800 Merge pull request #11409 from erik-krogh/cache-more 
Ruby: cache the compiled extractor in the build tests
 2022-11-24 12:42:33 +01:00
Tony Torralba
fc7c66dab2 Remove now unnecessary additional taint step in UnsafeJsEval 2022-11-24 12:35:52 +01:00
Tony Torralba
e67b72d954 Update test expectations 2022-11-24 12:35:51 +01:00
Tony Torralba
25354d2dd8 Apply code review suggestions 2022-11-24 12:35:51 +01:00
Tony Torralba
6a8b9fde78 Add data flowsources test 2022-11-24 12:35:51 +01:00
Tony Torralba
d6b14a1395 Update test expectations 2022-11-24 12:35:50 +01:00
Tony Torralba
2284127650 Add MaD rows for the Data class 2022-11-24 12:35:50 +01:00
Tony Torralba
4bbc1dc734 Update test expectations 2022-11-24 12:34:48 +01:00
Tony Torralba
cac6e946ab Merge pull request #11411 from atorralba/atorralba/swift/fix-nsdata-test 
Swift: Fix expectation in NSData tests
 2022-11-24 12:34:28 +01:00
Ben Ahmady
7f5df4fc0e Merge pull request #11384 from github/subatoi/codeql-cli-2.11.4 
Adds Kotlin (beta) content
codeql-cli/v2.11.4 		2022-11-24 11:33:46 +00:00
Geoffrey White
c6835cd270 Swift: Update .generated.list. 2022-11-24 11:16:56 +00:00
Tony Torralba
4f8ef13cd8 Fix expectation in NSData tests 2022-11-24 12:13:46 +01:00
Tony Torralba
04450c5173 Merge pull request #11378 from atorralba/atorralba/swift/nsdata-models 
Swift: Add models for NSData and NSMutableData
 2022-11-24 11:19:14 +01:00
Tony Torralba
17218fa663 Formatting 2022-11-24 11:14:16 +01:00
Ben Ahmady
42259ef8d1 Update docs/codeql/reusables/kotlin-java-differences.rst 2022-11-24 10:10:42 +00:00
Tony Torralba
443d0f50c1 Apply suggestions from code review 2022-11-24 11:10:07 +01:00
erik-krogh
c9a600d496 Ruby: cache the compiled extractor, because that's way smaller than the cargo cache 2022-11-24 10:55:38 +01:00
Tony Torralba
2ac06b8db9 Turns out lambda flow is already supported 2022-11-24 10:52:27 +01:00
Nora Dimitrijević
8f065e9483 Merge pull request #11001 from d10c/swift/js-injection 2022-11-24 10:52:05 +01:00
Tom Hvitved
4e4ee32dbc Data flow: Join on one more column in flowThroughIntoCall 2022-11-24 10:48:29 +01:00
Michael Nebel
cb4a7e22f0 Merge pull request #11395 from michaelnebel/csharp/externalflowcleanup 
C#: ExternalFlow.qll cleanup.
 2022-11-24 10:28:58 +01:00
Harry Maclean
57f689401e Ruby: SplatExprCfgNode extends UnaryOperationCfgNode 2022-11-24 17:33:57 +13:00
Ian Lynagh
2d92cee26a Kotlin build system: Refactor jar-finder 
We were globbing with a * in the filename, but that is not necessary.
 2022-11-23 21:43:32 +00:00
Erik Krogh Kristensen
1eec067474 Merge pull request #11294 from erik-krogh/fileDoc 
QL: improve the "this block-comment should have been a QLDoc"-query
 2022-11-23 22:23:36 +01:00
Erik Krogh Kristensen
3d4f64f168 Merge pull request #11397 from erik-krogh/call-instanceof 
Rb: use `instanceof` instead of `extends` on `DataFlow::CallNode` in some case
 2022-11-23 22:20:17 +01:00